<?php
  include __DIR__."/config/cors.php";
  include __DIR__."/database.php";
  include __DIR__."/log.php";
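  session_start();

  // Soft-delete endpoint: sets user.status to 'false' for the row whose id is
  // `uid`, then replies with a JSON envelope {code, msg}.
  //
  // Query parameters: uid (target row id), username (acting user),
  // role (acting user's role), deleteUser (target's username, optional).
  //
  // NOTE(review): this state-changing action is reachable over GET, so any
  // page the admin visits can trigger it with the admin's cookies. Moving it
  // to POST with an anti-CSRF token is a client-visible change and is not
  // made here.
  // NOTE(review): `role` comes from the query string and is only checked for
  // presence; nothing visible in this file verifies server-side that the
  // acting user is an administrator. Confirm where the role is stored and
  // compare against that value instead of trusting the client.

  // Writes the JSON envelope; callers decide whether to exit afterwards.
  $reply = function ($code, $msg) {
    echo json_encode([
        "code" => $code,
        "msg"=> $msg
      ]);
  };

  // Read parameters without `@`; anything that is not a plain string (for
  // example `uid[]=1`) is treated as missing.
  $uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? $_GET['uid'] : null;
  $username = (isset($_GET['username']) && is_string($_GET['username'])) ? $_GET['username'] : null;
  $deleteUser = (isset($_GET['deleteUser']) && is_string($_GET['deleteUser'])) ? $_GET['deleteUser'] : null;
  $role = (isset($_GET['role']) && is_string($_GET['role'])) ? $_GET['role'] : null;
  $sessionUser = (isset($_SESSION['username']) && is_string($_SESSION['username'])) ? $_SESSION['username'] : null;

  if ($username === null || $role === null) {
    $reply(202, "请管理员登陆后在删除");
    exit;
  }

  if ($uid === null) {
    $reply(203, "必要参数传递有误");
    exit;
  }

  // `uid` is interpolated into SQL below, so accept only a canonical decimal
  // integer (no sign, no leading zeros, bounded length).
  // NOTE(review): assumes user.id is a numeric key; confirm against the schema.
  if (preg_match('/\A(?:0|[1-9][0-9]{0,18})\z/', $uid) !== 1) {
    $reply(203, "必要参数传递有误");
    exit;
  }

  // The acting identity must come from the server-side session. Previously
  // any caller who supplied an existing username in the query string passed
  // the check, logged in or not.
  if ($sessionUser === null || $sessionUser === '' || $username !== $sessionUser) {
    $reply(202, "请管理员登陆后在删除");
    exit;
  }

  // Refuse to disable the account that is currently logged in. The debug
  // concatenation of usernames into the message has been dropped.
  if ($deleteUser !== null && $deleteUser === $sessionUser) {
    $reply(203, "当前用户正在登录无法删除");
    exit;
  }

  // Stopgap until the DB wrapper offers bound parameters (its API is not
  // visible in this file): a name containing a quote, backslash or NUL byte
  // would change the shape of the single-quoted SQL literal below, so it is
  // rejected rather than interpolated.
  if (strpbrk($username, "'\\\0") !== false) {
    $reply(203, "必要参数传递有误");
    exit;
  }

  $db = new DB();
  $sql1 = "select * from user where username = '$username'";
  $data = $db->selectOne($sql1);

  // Treat null, false and an empty result alike as "acting user not found".
  if (empty($data)) {
    $reply(205, "删除失败");
    exit;
  }

  $actorId = isset($data['id']) ? $data['id'] : null;

  // `deleteUser` is only a label supplied by the client; the row that is
  // actually changed is chosen by `uid`, so self-deletion is also checked
  // against the acting user's own id.
  if ($actorId !== null && (string) $actorId === $uid) {
    $reply(203, "当前用户正在登录无法删除");
    exit;
  }

  // Soft delete: the row is kept and only its status flag is changed.
  $sql2 = "update user set status = 'false' where id = '$uid'";
  if ($db->update($sql2)) {
    $reply(200, "删除成功");
    mylog($actorId, "删除成功", "用户");
  } else {
    mylog($actorId, "删除失败", "用户");
    $reply(204, "删除失败");
  }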
?>